PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
pe_sieve_api.h File Reference

The API: definitions of the exported elements that are accessible from PE-sieve DLL.

#include <windows.h>
#include <pe_sieve_types.h>

Macros

#define PESIEVE_API   __declspec(dllexport)
 
#define PESIEVE_API_FUNC   PESIEVE_API __cdecl
 

Typedefs

typedef t_report PEsieve_report
 
typedef t_params PEsieve_params
 
typedef t_report_type PEsieve_rtype
 

Functions

void PESIEVE_API_FUNC PESieve_help (void)
 Shows a MessageBox with information about PE-sieve.
 
PEsieve_report PESIEVE_API_FUNC PESieve_scan (IN const PEsieve_params &args)
 Performs a PE-sieve scan with a supplied set of parameters (defined as a structure t_params). Returns a summary of the scan in a variable of type t_report.
 
PEsieve_report PESIEVE_API_FUNC PESieve_scan_ex (IN const PEsieve_params &args, IN const PEsieve_rtype rtype, OUT char *json_buf, IN size_t json_buf_size, OUT size_t *buf_needed_size)
 Performs a PE-sieve scan with a supplied set of parameters (defined as a structure t_params). Returns a summary of the scan in a variable of type t_report. Allows supplying a buffer that will be filled with the full JSON report.
 

Variables

const DWORD PESIEVE_API PESieve_version
 PE-sieve version in a DWORD form.
 

Detailed Description

The API: definitions of the exported elements that are accessible from PE-sieve DLL.

Definition in file pe_sieve_api.h.

Macro Definition Documentation

◆ PESIEVE_API

#define PESIEVE_API   __declspec(dllexport)

Definition at line 13 of file pe_sieve_api.h.

◆ PESIEVE_API_FUNC

#define PESIEVE_API_FUNC   PESIEVE_API __cdecl

Definition at line 21 of file pe_sieve_api.h.

Typedef Documentation

◆ PEsieve_params

Definition at line 40 of file pe_sieve_api.h.

◆ PEsieve_report

Definition at line 39 of file pe_sieve_api.h.

◆ PEsieve_rtype

Definition at line 41 of file pe_sieve_api.h.

Function Documentation

◆ PESieve_help()

void PESIEVE_API_FUNC PESieve_help ( void )

Shows a MessageBox with information about PE-sieve.

Definition at line 74 of file pe_sieve_api.cpp.

◆ PESieve_scan()

PEsieve_report PESIEVE_API_FUNC PESieve_scan ( IN const PEsieve_params & args)

Performs a PE-sieve scan with a supplied set of parameters (defined as a structure t_params). Returns a summary of the scan in a variable of type t_report.

Definition at line 69 of file pe_sieve_api.cpp.

◆ PESieve_scan_ex()

PEsieve_report PESIEVE_API_FUNC PESieve_scan_ex ( IN const PEsieve_params & args,
IN const PEsieve_rtype rtype,
OUT char * json_buf,
IN size_t json_buf_size,
OUT size_t * buf_needed_size )

Performs a PE-sieve scan with a supplied set of parameters (defined as a structure t_params). Returns a summary of the scan in a variable of type t_report. Allows supplying a buffer that will be filled with the full JSON report.

Variable Documentation

◆ PESieve_version

const DWORD PESIEVE_API PESieve_version
extern

PE-sieve version in a DWORD form.